Email OTP

Create

post

Create a new Email OTP MFA.

Body

Create MFA of type Email OTP

namestring · min: 1 · max: 255 · nullableRequired

The name of the target Multi Factor Authentication. This must be the actual Multi Factor Authentication name used in the RAS farm.

siteIdinteger · int32Optional

Site ID in which to modify the specified Multi Factor Authentication. If the parameter is omitted, the site ID of the Licensing Server will be used.

descriptionstring · nullableOptional

A user-defined Multi Factor Authentication description.

enabledbooleanOptional

Enable or disable the Multi Factor Authentication upon creation. If the parameter is omitted, the Multi Factor Authentication is initialised as Disabled.

displayNamestring · max: 200 · nullableRequired

RADIUS type name.

userEnrollmentstring · enumOptional

User Enrollment

Possible values:

showInformationForUnenrolledUsersstring · enumOptional

Show information for unenrolled users

Possible values:

untilDateTimestring · date-time · nullableOptional

Allow User Enrollment until date/time

otpLifespanSecinteger · int32 · nullableOptional

The lifespan of the OTP (seconds)

externalEmailStoragestring · enumOptional

External email storage

Possible values:

emailContentstring · min: 1 · max: 2048 · nullableOptional

The content of the email. Possible variables: %OTP%, %DURATION%

emailSubjectstring · min: 1 · max: 300 · nullableOptional

The subject of the email. Possible variables: %OTP%

userMessagePromptstring · max: 300 · nullableOptional

User message prompt

adCustomAttributestring · min: 1 · max: 200 · nullableOptional

AD Custom Attribute

allowEnrollExternalEmailboolean · nullableOptional

Allow enrollment of external email

otpLengthinteger · int32 · nullableOptional

The length of the OTP generated

Responses

201

Created

application/json; api-version=1.0

401

Unauthorized

application/json; api-version=1.0

409

Conflict

application/json; api-version=1.0

post

/api/MFA/EmailOTP

POST /api/MFA/EmailOTP HTTP/1.1
Content-Type: application/json; api-version=1.0
Accept: */*
Content-Length: 516

{
  "name": "text",
  "siteId": 1,
  "description": "text",
  "enabled": true,
  "displayName": "text",
  "userEnrollment": [
    "0 = Allow",
    "1 = AllowUntil",
    "2 = DoNotAllow"
  ],
  "showInformationForUnenrolledUsers": [
    "0 = Always",
    "1 = IfEnrollmentIsAllowed",
    "2 = Never"
  ],
  "untilDateTime": "2026-02-01T14:52:42.482Z",
  "otpLifespanSec": 1,
  "externalEmailStorage": [
    "0 = RASDatabase",
    "1 = ADMail",
    "2 = ADCustom"
  ],
  "emailContent": "text",
  "emailSubject": "text",
  "userMessagePrompt": "text",
  "adCustomAttribute": "text",
  "allowEnrollExternalEmail": true,
  "otpLength": 1
}

{
  "id": 1,
  "adminCreate": "text",
  "adminLastMod": "text",
  "timeCreate": "2026-02-01T14:52:42.482Z",
  "timeLastMod": "2026-02-01T14:52:42.482Z",
  "name": "text",
  "siteId": 1,
  "description": "text",
  "enabled": true,
  "type": [
    "1 = Deepnet",
    "2 = SafeNet",
    "3 = Radius",
    "4 = AzureRadius",
    "5 = DuoRadius",
    "6 = FortiRadius",
    "7 = TekRadius",
    "8 = GAuthTOTP",
    "9 = TOTP",
    "10 = MicrosoftTOTP",
    "11 = EmailOTP"
  ],
  "inheritDefaultCriteriaSettings": true,
  "criteria": {
    "securityPrincipals": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "account": "text",
          "type": [
            "1 = User",
            "2 = Group",
            "3 = ForeignSecurityPrincipal",
            "4 = Computer"
          ],
          "sid": "text"
        }
      ]
    },
    "gateways": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "gatewayIP": "text"
        }
      ]
    },
    "oSs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "allowedOSes": {
        "chrome": true,
        "android": true,
        "webClient": true,
        "iOS": true,
        "linux": true,
        "mac": true,
        "wyse": true,
        "windows": true
      }
    },
    "iPs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "allowedIPs": {
        "iPv4s": [
          {
            "from": "text",
            "to": "text"
          }
        ],
        "iPv6s": [
          {
            "from": "text",
            "to": "text"
          }
        ]
      }
    },
    "hardwareIDs": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "hardwareID": "text"
        }
      ]
    },
    "access": [
      "0 = DenyCriteriaWhen",
      "1 = AllowCriteriaWhen"
    ],
    "devices": {
      "enabled": true,
      "matchingMode": [
        "0 = IsNotOneOfTheFollowing",
        "1 = IsOneOfTheFollowing"
      ],
      "members": [
        {
          "client": "text"
        }
      ]
    }
  },
  "displayName": "text",
  "userEnrollment": [
    "0 = Allow",
    "1 = AllowUntil",
    "2 = DoNotAllow"
  ],
  "showInformationForUnenrolledUsers": [
    "0 = Always",
    "1 = IfEnrollmentIsAllowed",
    "2 = Never"
  ],
  "untilDateTime": "2026-02-01T14:52:42.482Z",
  "otpLifespanSec": 1,
  "externalEmailStorage": [
    "0 = RASDatabase",
    "1 = ADMail",
    "2 = ADCustom"
  ],
  "emailContent": "text",
  "emailSubject": "text",
  "userMessagePrompt": "text",
  "adCustomAttribute": "text",
  "allowEnrollExternalEmail": true,
  "otpLength": 1
}

Update

put

Update the Email OTP MFA Site Settings.

Path parameters

idinteger · int32Required

The ID for which to modify the MFA settings.

Body

Update MFA of type TOTP

namestring · min: 1 · max: 255 · nullableOptional

The new name of the target multi-factor authentication .

descriptionstring · nullableOptional

A user-defined multi-factor authentication description.

enabledboolean · nullableOptional

Enable or disable the specified multi-factor authentication in a site.

inheritDefaultCriteriaSettingsboolean · nullableOptional

If true default criteria settings will be inherited.

Responses

204

No Content

401

Unauthorized

application/json; api-version=1.0

404

Not Found

application/json; api-version=1.0

put

/api/MFA/EmailOTP/{id}

PUT /api/MFA/EmailOTP/{id} HTTP/1.1
Content-Type: application/json; api-version=1.0
Accept: */*
Content-Length: 89

{
  "name": "text",
  "description": "text",
  "enabled": true,
  "inheritDefaultCriteriaSettings": true
}

No content

PreviousDuplicate NextRadius

Last updated 1 year ago

Was this helpful?

hashtagCreate

hashtagUpdate

Create

Update